I think we broke this recently, can you try this PR? https://github.com/openshift/openshift-ansible/pull/5178
On Fri, Aug 25, 2017 at 9:20 AM, Tim Dudgeon <[email protected]> wrote: > I'm creating this as a new topic, although it has partly been discussed > earlier. > Now I have a better understanding of the problem so its best discussed as > a new topic. > > The issue is that the certificate that is generated by the ansible > installer for the docker repository is not correct, so any builder process > that tries to push to the repo fails with an error like this: > > error: build error: Failed to push image: Get https://docker-registry. > default.svc:5000/v1/_ping > <https://www.google.com/url?q=https%3A%2F%2Fdocker-registry.default.svc%3A5000%2Fv1%2F_ping&sa=D&sntz=1&usg=AFQjCNGK97vHN3_7l5y3l197LvJvBlFWGw>: > x509: certificate is valid for docker-registry-default.os. > informaticsmatters.com, 172.30.148.243, not docker-registry.default.svc > > Looking at the /etc/origin/master/registry.crt certificate that is > generated on the master node its contents confirm this. The key part is > this: > > X509v3 Subject Alternative Name: > DNS:docker-registry-default.os.informaticsmatters.com, > DNS:172.30.148.243, IP Address:172.30.148.243 > > Indeed, docker-registry.default.svc is not included in the names. > The os.informaticsmatters.com related hostname comes from the value of > the openshift_master_cluster_public_hostname and/or the > openshift_master_default_subdomain variables in the inventory file. Is > this present to allow the registry to be exposed externally? > > But I'm baffled as to why this is happening. Looking at the code it looks > like this is the key player: > https://github.com/openshift/openshift-ansible/blob/ > 9d4a0c00b0c554a8b7bd7242438806ce901831bc/playbooks/common/ > openshift-cluster/redeploy-certificates/registry.yml#L70 > > And if that is the case then it looks like docker-registry.default.svc > should be added. > > Is this a bug? If so presumably it should be affecting everyone? > > This is using OpenShift Origin 3.6, installing using the ansible installer > from the master branch. > > Thanks > Tim > > _______________________________________________ > users mailing list > [email protected] > http://lists.openshift.redhat.com/openshiftmm/listinfo/users > >
_______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
